OAuth/SSO login doesn't work (Sign in with Google, Apple, etc.)

[JordanCoin]

Problem

"Sign in with Google/Apple" and other OAuth/SSO flows don't work in the WKWebView browser.

What happens

• Google detects the embedded WKWebView and shows "This browser or app may not be secure"
• ASWebAuthenticationSession opens but cookies don't transfer back to the main WKWebView
• Popup-based OAuth (window.open) loses the window.opener reference

Current workaround

Use email/password login instead of SSO buttons. This works fine.

Code location

See BrowserController.swift:

• startAuthSession() - ASWebAuthenticationSession attempt
• createPopupSync() / createPopup() - popup WebView for OAuth
• handleAuthCallback() - callback URL parsing

Attempted solutions

1. ASWebAuthenticationSession - Opens system browser but cookies don't sync back
2. Shared WKProcessPool - Enabled cookie sharing but still doesn't work
3. SFSafariViewController - Can't programmatically control it
4. Custom user agent - Already spoofing as Safari, Google still detects WKWebView

Possible solutions to explore

• Use Safari directly via open -a Safari and poll for cookies
• Inject JavaScript to intercept OAuth tokens before redirect
• Use a local proxy to capture OAuth redirects
• Deep link callback scheme that transfers tokens

Related

This is a known limitation of WKWebView. Many apps face this issue.

Contributions welcome!